Video Screencast Help
Security Community Blog
Showing posts in English
vgtero | 15 Apr 2014 | 0 comments

What is Heartbleed?

By now, you should be very well aware of vulnerability CVE-2014-0160, nicknamed HeartBleed.  Security engineers at Codenomicon and Google discovered a vulnerability last week in the popular OpenSSL cryptographic software library, an open-source implementation of the SSL and TLS protocols. OpenSSL is used by a large majority of organizations to secure the Internet's traffic. "Heartbleed," allows anyone on the Internet to read the memory of the systems using vulnerable versions of OpenSSL software. This may disclose the secret keys, allowing attackers to decrypt and eavesdrop on SSL-encrypted communications and impersonate service providers. In addition, other data in memory may be disclosed, including names and passwords of the users, or other data stored in memory by the service.  OpenSSL versions 1.0.1...

DeanJC | 14 Apr 2014 | 1 comment

2013 saw an increase in malware signed with valid code signing certificates. How did this happen? Are verified entities actually signing and distributing malware? That does not appear to be the case. Rather, the code signing private keys are being harvested from users' hard drives, extracted and sent to malicious parties. Microsoft identified a Trojan that specifically does just this. It's called Fareit and details about some of the malware signed using this exploit can be found here: http://blogs.technet.com/b/mmpc/archive/2013/12/15...

Symantec has come up with a solution to this using a cloud based code signing model. This approach keeps the private keys off developer's hard drives and in a secure environment...

SebastianZ | 14 Apr 2014 | 0 comments
  • Symantec Product Security has posted SYM14-005 Symantec LiveUpdate Administrator Unauthenticated/Unauthorized Account Access Modification and SQL injections advisory. This is a high severity advisory which affects LiveUpdate Administrator 2.3.2.99 and earlier. As part of normal best practices, Symantec strongly recommends keeping all operating systems and applications updated with the latest vendor patches.

Affected Products

...

Product

Version

Build

Solution(s)

Symantec LiveUpdate Administrator

2.x

2.3.2 and prior

Upgrade to LUA 2.3.2.110

Wally | 08 Apr 2014 | 0 comments

In addtion to the steps to follow in HOWTO54944 Licensing an unmanaged client,  after the .slf file is placed in the client's inbox as described in the HOWTO article, check the client's system log.

In the client's UI - VIEW LOGS>Client Management Log>System Log.  An entry appears that states "The client has successfully applied a license file (nnnnnnnn) from the inbox.", where nnnnnnnn is the name of the license file.

Some time after the license file is applied, another entry appears - "[Client authentication token request} Information submitted to Symantec]  Size bytes (nnn)" where nnn is the length of the CAT request.

If a valid license is not present, the CAT request will fail.

A L Johnson | 08 Apr 2014 | 2 comments

Symantec launched its 2014 Internet Security Threat Report (ISTR), Volume 19, which highlights how cybercriminals unleashed the most damaging series of cyberattacks in history – ushering in the era of the “Mega Breach.” Please visit the ISTR landing page for this year’s report and supplemental assets.

 

Muad'Dib | 03 Apr 2014 | 0 comments

I ran into an issue changing the Installed Feature set on clients and i wanted to share my solution.

I was following the below tech Article on how to add or remove features:

http://www.symantec.com/docs/TECH90936

What was happening is that when the client received the new Install Package with the updated feature set, the client would never update its installed features.

For example, if i had a client group which was installed without the Firewall feature, but then i wanted to add the Firewall feature it would not install.

After tons of searching around i found the following VERY helpful post:

https://www-secure.symantec.com/connect/forums/remove-sep-components-update-content

My situation was very similar. If the client was upgrading versions (for example from 12.1 RU3 to 12.1...

Chetan Savade | 03 Apr 2014 | 70 comments

Hello Everyone,

Symantec Endpoint Protection 12 RU4 MP1 is released.

This build's version is: 12.1.4100.4126

What's new in this release:

Extended upgrade support

  • Unlike most maintenance patch releases, you can upgrade any version of Symantec Endpoint Protection directly to 12.1.4.1. Unsupported downgrade paths still apply.

Expanded operating system support

  • The Symantec Endpoint Protection (SEP) client is now supported on Windows To Go (Windows 8.1 Enterprise).
  • Symantec Endpoint Protection Manager (SEPM), the SEP client, and the Symantec Network Access Control client are now supported on Windows 8.1 Update 1.
  • SEPM, the SEP client, and the Symantec Network Access Control client are now supported on Windows Server 2012 R2 Update 1

Note: If in case you do not see the SEP 12 RU4 MP1 Release on...

Mithun Sanghavi | 31 Mar 2014 | 4 comments

Symantec Endpoint Protection receives the AV-TEST AWARD FOR BEST PERFORMANCE 2013

AV-AWARD-Performance-Symantec-Endpoint-Protection_01_9d2b025116.png

Corporate Users (Windows): Symantec Endpoint Protection

The AV-TEST AWARD FOR BEST PERFORMANCE 2013 is presented to the security software that has the least influence upon a system once installed.

The tests that are carried out involve typical activities such as loading websites, downloading software, installing and starting up programs and copying files.

To check the regular test results - http...

Sym_Chris | 27 Mar 2014 | 0 comments

The big issues!

In our last blog, we noted that the most common issue that causes Symantec.cloud customers to contact support is mail delivery issues. With that in mind, we've prepared a series of videos that we think you'll find useful. They cover how the service works, common delivery issues and how to troubleshoot them.

We hope you find them useful.

Default Chromeless Player
...
Sym_Chris | 21 Mar 2014 | 0 comments

Hello!

Welcome to the first of many Symantec.cloud support blogs! It's been a busy year for everyone, with cloud-based IT solutions continuing to snatch headlines everywhere. We thought it would be a good time to share what we're doing in support.

Top Issues!

Here in support we monitor all of the issues coming through. Two items in particular come up time and time again and they are the most prevalent reasons our customers contact support for 2014 so far.

The first of these is Mail Failures. Symantec.cloud process literally billions of mail connections each week, so a certain degree of mail failures are to be expected. It might surprise you to learn however, that less than 10% of the mail failures investigated are as a result of the Email Security Service. Most mail failures occur with the sender or recipient.

With that in mind, we always advise our customers to read any bounceback message they receive carefully. We've put...